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SYSTEM AND METHOD FOR DISTRIBUTING DIGITAL RIGHTS MANAGEMENT 



DIGITAL CONTENT IN A CONTROLLED NETWORK ENSURING DIGITAL RIGHTS 



Field of the Invention 

[0001] The present invention is generally related to the field of digital rights 
management. More particularly, the present invention is related to a system and 
method for distributing digital content in a controlled network ensuring digital rights. 

Description 

[0002] In the last few years, the use of digital media of all types, such as digital 
audio and video, has grown in popularity. As more and more users enjoy access to 
digital content, the risk to content providers of losing sales to content piracy increases. 
In fact, many content providers refrain from providing media content over the Internet 
because of piracy concerns. Digital Rights Management (DRM) technology protects the 
rights of content owners and enforces the proper use of the content by consumers. 
These rights, in the form of digital information, must be distributed and enforced by 
media rendering devices in a network environment. 

[0003] In a typical home network, a user may have digital content stored on the 
user's PC (personal computer). The user may also have other devices in the home that 
are capable of playing digital media, such as, for example, portable MP3 players, boom 
boxes, home theater systems, etc. The digital content stored on the PC may be rights- 
managed content. In many instances, the user may want to play the rights-managed 
digital content on any of the rendering devices in the home. 
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[0004] Rights-managed content typically contains meta information to inform 
media renderers of wliich license to acquire and where the license may be acquired. 
The meta information may include a keylD. The keylD is a unique identifier for the 
license. The meta information may also include a licenseURI. The licenseURI is a 
reference to a license server that the media renderer is to use to acquire the license to 
play the content. 

[0005] The media renderer obtains a license to play the digital content from a 
license server using the reference l<eylD. Once a client acquires the license, a 
cryptographic key contained in the license is used to decrypt and render the media. 
[0006] Today, the license for the digital content is managed at a device level and 
not at a user level. In order to play the rights-managed content on other rendering 
devices, the user must obtain a license for a particular device and the license is 
downloaded for that particular device. Thus, the file for that license can only be played 
on the device in which the license was obtained. In other words, the user is not 
licensed to play the file on any device in the home although the user is willing to pay for 
the license. This is a major impediment when there are many rendering devices in the 
home, such as, but not limited to, home AA/ (audio/video) equipment, PCs, MPS 
players, digital video recorders, etc. The user may have content stored, perhaps on the 
PC, but may also want to play the content on another device within the home. Today's 
digital rights management licensing technology does not support this scenario. 
[0007] Thus, what is needed is a system and method for enabling a licensed user 
to distribute digital content on more than one device within the home in a secure 
manner. What is further needed is a local license server for managing the distribution of 
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licenses in tlie home to enable various devices within the home to request and receive a 
license to play rights-managed content. 

BRIEF DESCRIPTION OF THE DRAWINGS 
[0008] The accompanying drawings, which are incorporated herein and form part 
of the specification, illustrate embodiments of the present invention and, together with 
the description, further sen^e to explain the principles of the invention and to enable a 
person skilled in the pertinent art(s) to make and use the invention. In the drawings, like 
reference numbers generally indicate identical, functionally similar, and/or structurally 
similar elements. The drawing in which an element first appears is indicated by the 
leftmost digit(s) in the corresponding reference number. 

[0009] FIG. 1 is a block diagram illustrating an exemplary system architecture for 
distributing DRM digital content in a controlled network ensuring digital rights according 
to an embodiment of the present invention. 

[0010] FIG. 2 is a flow diagram describing an exemplary method for distributing 
DRM digital content in a controlled network ensuring digital rights according to an 
embodiment of the present invention. 

[0011] FIG. 3 is a flow diagram describing an exemplary method for obtaining a 
license for a digital media item according to an embodiment of the present invention. 
[0012] FIG. 4 is a flow diagram describing an exemplary method for enabling a 
media renderer to acquire a license from a local license server to enable playback of 
digital media on a media rendering device. 
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DETAILED DESCRIPTION 
[0013] While the present invention is described herein with reference to 
illustrative embodiments for particular applications, it should be understood that the 
invention is not limited thereto. Those skilled in the relevant art(s) with access to the 
teachings provided herein will recognize additional modifications, applications, and 
embodiments within the scope thereof and additional fields in which embodiments of the 
present invention would be of significant utility. 

[0014] Reference in the specification to "one embodiment", "an embodiment" or 
"another embodiment" of the present invention means that a particular feature, structure 
or characteristic described in connection with the embodiment is included in at least one 
embodiment of the present invention. Thus, the appearances of the phrase "in one 
embodiment" appearing in various places throughout the specification are not 
necessarily all referring to the same embodiment. 

[0015] Embodiments of the present invention are directed to a system and 
method for distributing digital rights management (DRM) digital content in a controlled 
network ensuring digital rights. This is accomplished by employing a local license 
server. In one embodiment, the local license server may be implemented within a home 
media server. In other embodiments, the local license server may be implemented 
anywhere in the controlled network. The local license server provides programmatic 
interfaces to acquire and distribute licenses to any rendering device on a home network. 
A media rendering device on the home network may request and receive a license to 
play rights-managed digital content. Other devices on the home network may also 
request and receive licenses to play the same rights-managed digital content. This 
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eliminates the need to obtain a license for a particular rendering device. The local 
license server maintains and enforces the terms of the license agreement. All of this is 
accomplished with very little user intervention. 

[0016] FIG. 1 is a block diagram illustrating an exemplary system architecture 
100 for distributing digital rights management (DRM) digital content in a controlled 
network ensuring digital rights. System architecture 100 comprises a home network 
102 and a wide area network (WAN), such as the Internet 116. Home network 102 is 
coupled to Internet 116. Home network 102 may be coupled to Internet 116 using dial- 
in connections, high-speed cable, digital subscriber lines (DSL), or any other well-known 
manner. 

[0017] Home network 102 is a local area network (LAN) that connects computers, 
audio/video players, televisions, personal digital assistants (PDAs), etc. using a wired or 
wireless medium, such as, for example, Ethernet or Bluetooth (or any other wireless 
protocol based on the IEEE 802.11 standard, IEEE Standards for Information 
Technology-ZTelecommunications and Information Exchange Between Systems, 
ISO/IEC 8802-11 (1999)), respectively. Home network 102 comprises a home media 
server 104, a media renderer 108, a plurality of media rendering devices, such as, for 
example, a media player or sound device 1 10, a TV or other media display device 112, 
and a personal computer (PC) 122, and a control point 114. Media player or sound 
device 110 may include, but is not limited to, a compact disk (CD) player, a MPEG- 
audio layer 3 (MPS) player, Windows Media Audio (WMA) player, etc. Other media 
display devices may include, but are not limited to, digital versatile disc (DVD) players, 
video digital recorders (VDRs), home theater systems, etc. 
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[0018] Home media server 104 is a server located in the home that contains 
references to encrypted DRM media. In one embodiment, home media server 104 
contains an enumeration of all of the media items, including a Universal Resource 
Identifier (URI) of each media item (/.e., where the media may be located) and the type 
of each media item, such as, for example, music, movies, video games, etc. In another 
embodiment, home media server 104 may also contain the actual media itself. 
Applications, such as, but not limited to, browser applications, on home network 102 
may be used to browse home media server 104. In one embodiment, home media 
server 104 may include a local license server 106 co-located within home media server 
104. In an alternative embodiment, local license sen/er 106 may be located outside of 
home media server 104, yet co-located with home media server 104. 
[0019] Local license server 106 is a license server that manages digital media 
rights in home network 102. Local license server provides programmatic interfaces to 
aquire, manage, and distribute licenses to any rendering devices on home network 102. 
Local license server 106 will be discussed in more detail below. 
[0020] Media renderer 108 is a device that can play digital media or aid in playing 
digital media available from a wide-area network (WAN), such as Intemet 116. In one 
embodiment, media renderer 108 may be a set-top box. In another embodiment, media 
renderer 108 may be a media center. In one embodiment, media renderer 108 may be 
a UPnP™ device, thus enabling media rendering devices 110 and 112 to also be 
UPnP™ devices. 

[0021] Media renderer 108 is capable of recognizing media, and can retrieve the 
keylD and the licenseURI from encrypted media content prior to decrypting. As 
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previously stated, the keylD is a unique identifier for a license and the licenseURI is a 
reference to a license server that media renderer 108 may use to acquire a license to 
play the desired digital content. 

[0022] Control point 1 14 is a wireless device similar to a remote control, PDA, or 
any other device that aids in controlling components within a home network, such as 
home network 102. Control point 114 sends and receives control actions and 
responses to operate various devices on home network 102, such as, but not limited to, 
home media server 104, local license server 106, and media renderer 108, and 
provides information for obtaining media licenses. 

[0023] Internet 116 may comprise, inter alia, one or more content servers, such 
as content server 120, and one or more license servers, such as license server 118. 
Content server 120 is an Internet-based sen/er for storing encrypted media created by 
various content providers. The encrypted media stored on content server 120 may be 
retrieved by clients over Internet 116. In one embodiment, content server 120 may be a 
Web server that stores and provides rights-managed content to clients. In another 
embodiment, content server 120 may be a media server for storing and streaming 
digital media. In yet another embodiment, content server 120 may store and stream 
digital media, including rights-managed digital content to clients. 
[0024] License server 118 is an Internet-based server for storing and managing 
licenses for any form of media. A pointer to license server 118 is referred to as the 
licenseURI. The licenses in license server 118 are indexed. The keylD identifies a 
particular license in license server 118. 
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[0025] Embodiments of the present invention use local license server 106 to 
provide key functionalities for enabling the distribution of licenses to media rendering 
devices, such as media rendering devices 1 10, 1 12, and 122, within home network 102. 
For example, local license sen/er 106 retrieves the keylD and licenseURI of the desired 
license from control point 1 14 and provides a means to acquire the license from license 
server 118. Local license server 106 provides a secure method to distribute the 
acquired license inside the home network by making sure that the license is not being 
infringed. This is accomplished by managing rules underlying the license from license 
sen/ers, such as license server 118. Local license server 106 also provides an interface 
to manage and share the digital rights management digital content. 
[0026] FIG. 2 is an exemplary flow diagram 200 describing a method for 
distributing DRM digital content in a controlled network ensuring digital rights according 
to an embodiment of the present invention. The invention is not limited to the 
embodiment described herein with respect to flow diagram 200. Rather, it will be 
apparent to persons skilled in the relevant art(s) after reading the teachings provided 
herein that other functional flow diagrams are within the scope of the invention. The 
process is described from the perspective of control point 1 14. The process begins with 
block 202, where the process immediately proceeds to block 204. 
[0027] In block 204, control point 114 enables a user to browse home media 
server 104 to select a media item to be played. When the media selection has been 
made, control point 1 14 receives a URI from home media server 104 for the media item 
selected by a user. The URI indicates a particular digital media item that the user 
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desires to be played on one or more of media renderer devices 110, 112, and/or 122 in 
home network 102. 

[0028] In block 206, control point 1 14 sends a request to media renderer 108 to 
retrieve and play the selected digital media item. The request includes the URI for the 
particular digital media item. Once media renderer 108 retrieves the desired digital 
media item and determines that the media item requires a license to be played (which is 
indicated as an event to control point 114), control point 114 will receive the keylD and 
licenseURI for the digital media item from media renderer 108 in block 208. 
[0029] In block 210, control point 114 checks local license server 106 to see if the 
license identified by the keylD and licenseURI is available at local license server 106. 
[0030] In decision block 212, it is determined whether the license is available 
from local license server 106. If the license is not available from local license server 
106, control point 114 will send a message to local license server 106 to retrieve the 
license from a license server (block 214). Local license server 106 will retrieve the 
license using the keylD and licenseURI from the license server designated by the 
licenseURI, such as license server 118. The process employed by local license server 
106 to retrieve the license is described in detail below with reference to FIG. 3. The 
process then proceeds to decision block 21 6. 

[0031] In decision block 216, it is determined whether local license server 106 
has retrieved the license from license sen/er 118. If local license server 106 has not 
retrieved the license, the process remains at block 216 to wait until local license server 
106 has retrieved the license. If a predetermined time has passed without control point 
114 receiving an indication that local license server 106 has received the license, the 
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process will timeout. If local license server 106 has retrieved the license, control point 
114 will receive an indication from local license server 106 that the license has arrived 
and the process will proceed to block 218. 

[0032] Returning to decision block 212, if it is determined that the license is 
available at local license server 106, the process proceeds to block 218. 
[0033] In block 218, control point 1 14 retrieves a location URI of the license from 
local license server 106. The location URI is the location of the license at local license 
server 106. The location URI is then sent to media renderer 108 to enable media 
renderer 108 to acquire the license, based on the rules or terms of the license, from 
local license server 1 06 and decrypt the media content to enable play of the selected 
media item on the appropriate media device(s) (block 220). The process for enabling 
media renderer 108 to acquire the license, based on the rules of the license, is 
described below with reference to FIG. 4. 

[0034] FIG. 3 is an exemplary flow diagram 300 describing a method for 
obtaining a license for a digital media item according to an embodiment of the present 
invention. The invention is not limited to the embodiment described herein with respect 
to flow diagram 300. Rather, it will be apparent to persons skilled in the relevant art(s) 
after reading the teachings provided herein that other functional flow diagrams are 
within the scope of the invention. The process begins with block 302, where the 
process immediately proceeds to block 304. 

[0035] In block 304, local license server 106 establishes a secure connection to 
control point 1 14 to obtain all necessary user credentials for acquiring a new license. In 
one embodiment, a secure sockets layer (SSL) protocol is used to establish a secure 
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connection. One skilled in the relevant art(s) would know that other secure protocols 
may also be used as well. The necessary user credentials may include, but are not 
limited to, user name and address, credit card number, expiration date of the credit 
card, the terms of the new license sought to be obtained, etc. The terms of the new 
license may include, but are not limited to, the number of times the media item may be 
played, the number of devices the media item may be played on at one time, when the 
license expires, etc. After the secure connection is established, local license server 
106 retrieves the necessary user information from control point 1 14 in block 306. 
[0036] In block 308, local license server 106 identifies a license server using the 
licenseURI and establishes a secure connection to the license server on Internet 116. 
[0037] In block 310, local license server 106 sends license sender 118 the 
required information to obtain the new license. The required information includes the 
keylD and the necessary user information received from control point 1 14. 
[0038] In block 312, the local license server acquires the new license using the 
keylD. The new license includes the terms or rules of the license that must be adhered 
to by local license server 106 in maintaining and enforcing the license. After acquiring 
the new license, local license server 106 informs control point 114 that the new license 
is now available (block 314). 

[0039] FIG. 4 is an exemplary flow diagram 400 further describing a method for 
enabling a media renderer to acquire a license from a local license server to enable play 
of a digital media item on a media device. The invention is not limited to the 
embodiment described herein with respect to flow diagram 400. Rather, it will be 
apparent to persons skilled in the relevant art(s) after reading the teachings provided 
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herein that other functional flow diagrams are within the scope of the invention. The 
process begins with block 402, where the process immediately proceeds to block 404. 
[0040] In block 404, media renderer 108 receives a URI from control point 1 14 for 
the user selected digital media item to be retrieved. Using the URI, media renderer 108 
retrieves the digital media item from a content server, such as content server 120, in 
block 406. In one embodiment, a simple Hypertext Transfer Protocol (HTTP) GET 
request may be used to retrieve the selected digital media item. One skilled in the 
relevant art(s) would know that other protocols may also be used. 
[0041] The media item may be encrypted. If the media item is encrypted, a 
license must be obtained to enable media renderer 108 to play the selected media item. 
As previously indicated, the licenseURI and keylD, which are not encrypted, but are 
included in the encrypted digital media item, may be obtained by media renderer 108 to 
determine the location of the license. When media renderer 108 determines that the 
media item is encrypted, media renderer 108 obtains the keylD and licenseURI from the 
retrieved media item and sends them to control point 114 (block 408). As previously 
indicated, the keylD and licenseURI are used by local license server 106 to retrieve the 
license. The process then proceeds to decision block 410. 

[0042] In decision block 410, it is determined whether control point 114 has 
indicated that the license is available from the local license server. If control point 1 14 
has not sent an indication that the license is available from local license server 106, 
then media renderer 108 will send a message to local license server 106 via control 
point 114 to obtain the license from a license server, such as license sen/er 118, using 
the licenseURI and keylD (block 412). In one embodiment, media renderer 108 may 
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send the message directly to local license server 106 to obtain the license from the 
license server. The process then returns to decision block 410 to see if control point 
1 14 has indicated that the license is available at local license sen/er 106. 
[0043] In decision block 410, if control point 114 has provided an indication that 
the license is available from local license server 106, the indication will include a 
location URL The location URI provides the location of the license within local license 
server 106. The process then proceeds to block 414. 

[0044] In block 414, media renderer 108 establishes a secure connection to local 
license server 106. Using the location URI, media renderer 108 requests that the 
license be sent from local license server 106 to enable the decryption of the user's 
selected media item in block 418. Note that the license contains a key that enables 
media renderer 108 to decrypt the media content. 

[0045] Before local license server 106 may send the requested license, local 
license sen/er 106 must validate license access rules to determine whether the license 
may be transferred to media renderer 108. License access rules include the terms of 
the license. For example, if the license was obtained for enabling play of the media 
item five (5) times and the media item has already been played 5 times, local license 
server 106 will adhere to the access rules of the license and will deny the license to 
media renderer 108. This requires local license server 106 to manage the license by 
tracking the usage of the license. In another example, If the license requires that the 
media be played on a maximum of two devices, local license server 106 must ensure 
that media renderer 108 will not play the media on more than two media rendering 
devices before transferring the license to media renderer 108. Thus, embodiments of 
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the present invention allow other media devices within the home network to also play 
the media content if the terms of the license purchased by the user allow for multiple 
devices to be used. Therefore, embodiments of the present invention do not limit the 
playback of media content to one device on the home network, but allow multiple 
devices to play the media content at the same time. 

[0046] In one embodiment, license access rules may include owner rules for 
playing media licenses. Owner rules are personal rules that are integrated into the 
license access rules to be used by local license sen/er 106 in managing a license. 
Owner rules may include, but are not limited to, an indication of who can play the 
selected digital media, an indication of when the selected digital media can be played, 
and an indication as to the number of times the digital media can be played by certain 
Individuals. For example, a parent may purchase a license to play a video game for 
his/her children, but the parent only wants the children to play the game on weekends. 
The parent may stipulate a rule to local license sender 106 that when the game is 
requested by his/her children, that the license be transferred to media renderer 108 only 
on weekends. In this instance, local license server may only provide the license on a 
Saturday or Sunday. 

[0047] In decision block 416, it is determined whether the license is valid. Again, 
this process is performed by local license server 106 as indicated above. If the license 
is valid, control passes to block 41 8. 

[0048] In block 418, the license is sent to media renderer 108 via a secure out of 
band license transfer. The key from the license is then used by media renderer 108 to 
decrypt the media content. 
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[0049] In block 420, play of the digital media item Is then enabled on the desired 
media device(s). Once the digital media item has been played, the digital media item is 
no longer located at media renderer 108. 

[0050] Returning to decision block 416, if local license server 106 determines the 
indicated use of the license to be invalid, the license is not sent to media renderer 108. 
Therefore, the digital media item cannot be decrypted, and the process proceeds to 
block 422, where the process ends. 

[0051] Certain aspects of embodiments of the present invention may be 
implemented using hardware, software, or a combination thereof and may be 
implemented in one or more computer systems or other processing systems. In fact, in 
one embodiment, the methods may be implemented in programs executing on 
programmable machines such as mobile or stationary computers, personal digital 
assistants (PDAs), set top boxes, cellular telephones and pagers, and other electronic 
devices that each include a processor, a storage medium readable by the processor 
(including volatile and non-volatile memory and/or storage elements), at least one input 
device, and one or more output devices. Program code is applied to the data entered 
using the input device to perform the functions described and to generate output 
information. The output information may be applied to one or more output devices. 
One of ordinary skill in the art may appreciate that embodiments of the invention may be 
practiced with various computer system configurations, including multiprocessor 
systems, minicomputers, mainframe computers, and the like. Embodiments of the 
present invention may also be practiced in distributed computing environments where 
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tasks may be performed by remote processing devices that are linl<ed thirough a 
communications networl<. 

[0052] Each program may be implemented in a high level procedural or object 
oriented programming language to communicate with a processing system. However, 
programs may be implemented in assembly or machine language, if desired. In any 
case, the language may be compiled or interpreted. 

[0053] Program instructions may be used to cause a general-purpose or special- 
purpose processing system that is programmed with the instructions to perform the 
methods described herein. Altematively, the methods may be performed by specific 
hardware components that contain hardwired logic for performing the methods, or by 
any combination of programmed computer components and custom hardware 
components. The methods described herein may be provided as a computer program 
product that may include a machine readable medium having stored thereon 
instructions that may be used to program a processing system or other electronic device 
to perform the methods. The term "machine readable medium" or "machine accessible 
medium" used herein shall include any medium that is capable of storing or encoding a 
sequence of instructions for execution by the machine and that causes the machine to 
perform any one of the methods described herein. The terms "machine readable 
medium" and "machine accessible medium" shall accordingly include, but not be limited 
to, solid-state memories, optical and magnetic disks, and a carrier wave that encodes a 
data signal. Furthermore, it is common in the art to speak of software, in one form or 
another {e.g., program, procedure, process, application, module, logic, and so on) as 
taking an action or causing a result. Such expressions are merely a shorthand way of 



42390. PI 6771 



- 17- 



stating the execution of the software by a processing system to cause the processor to 
perform an action or produce a result. 

[0054] While various embodiments of the present invention have been described 
above, it should be understood that they have been presented by way of example only, 
and not limitation. It will be understood by those skilled in the art that various changes 
in form and details may be made therein without departing from the spirit and scope of 
the invention as defined in the appended claims. Thus, the breadth and scope of the 
present invention should not be limited by any of the above-described exemplary 
embodiments, but should be defined in accordance with the following claims and their 
equivalents. 
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